Re: Bugzilla Update Staged: Testing Requested

[Michael Pyne]

On Sunday, October 23, 2016 4:34:39 PM EDT Ben Cooksley wrote:
> If you find any issues it would be appreciated if you could let us know.

I haven't found any issues in my testing to this point either.

However the show_bug.cgi page seems to list a table to be used for estimating 
programmer workload in solving the bug (that is, when I'm logged in)... I'm 
not sure this is a good fit for our workflow, is it just a theme feature we can 
disable?

Regards,
 - Michael Pyne

Re: Bugzilla Update Staged: Testing Requested

[David Edmundson]

I had a poke round.

There's a new section on the show_bug page between the status summary and
the attachments list, which shows a time tracker where you say how long a
job should take/is taking.

I don't think this makes any sense outside a coroporate environment, so we
should turn this off.

It's in an if block: [% IF user.is_timetracker %] which is set if the
user is in the group "timetrackinggroup". I think it might be a new feature
in Bugzilla 5 that auto set to on.


Also, in the clone only one of my tracked users in email preferences ->
user watching still exists, So it seems the porting hasn't migrated
something properly. Nothing critical, but worth me mentioning.

Re: Bugzilla Update Staged: Testing Requested

[Ben Cooksley]

On Sun, Oct 23, 2016 at 10:15 PM, Martin Steigerwald
 wrote:
> Am Sonntag, 23. Oktober 2016, 16:34:39 CEST schrieb Ben Cooksley:
>> Hi all,
>
> Hello Ben!

Hi Martin,

>
> Thank for your taking care to update Bugzilla.
>
>> I've prepared an update for bugs.kde.org, from the current version
>> it's running to the latest version of Bugzilla. Due to the nature of
>> changes made by upstream to the HTML it's been necessary to drop the
>> Neverland theme for Bugzilla.
>>
>> As dropping this theme may have resulted in unintentional breakage of
>> templates, and the upgrade is quite significant (from the 4.x to 5.x
>> series) it would be appreciated if folks could please quickly test the
>> instance, located at https://bugstest.kde.org/
>>
>> If you find any issues it would be appreciated if you could let us know.
>
> I had a quick glance at bugs I reported and all seems fine. Actually I prefer
> the fixed fonts the default themes uses as it makes pasted console output so
> much more readable.
>
> However I do not think any of the bugs I reported use a non text based
> template… but I am not sure… what I saw so far, just looks okay.

Thanks for checking. Everyone's usage pattern does differ, hence why
i'd like to see a range of people respond.

>
>
> I do hope that the new version can help to implement measures to make bugzilla
> spam less likely, but if as you and Nicolás say this is really done by people
> who are paid to do it – I still have a hard time believing this… – … they
> basically would be able to circumvent any improvements with captcha´s and
> whatnot :(
>
> What could work is a trainable spam filter within bugzilla. Or at least
> something that greps out phonenumbers together with certain key words (as all
> the spam I saw was just this).
>
> I did some research on bugzilla and spam and… mostly the results are about
> preventing spam sent to users of bugzilla by not exposing their mail
> addresses… but not about spam in bug reports. I had no single hit on a spam
> filter *for* Bugzilla, which surprises me. Also the documentation for Bugzilla
> 5.11 does not seem to mention anything about spam filtering.
>
> I saw similar spam bugs with bugzilla.kernel.org and also Eclipse seems to
> have issues with it:
>
> https://bugs.eclipse.org/bugs/show_bug.cgi?id=502814
>
> An idea here would be allowing others to clean this bugs too. Or modified: A
> button to mark that a bug report contains spam as an easier way to report it.
> Debian uses this approach for their own bug tracker, but as its email based in
> addition to a sophisticated spam filtering mail setup which seems to do pretty
> well.

Some measures which were devised to defend Mediawiki can likely be
applied to Bugzilla with minimal impact and required customisation.
These will be looked into once the update has been deployed.

>
> Thank you,
> --
> Martin

Cheers,
Ben

Re: Bugzilla Update Staged: Testing Requested

[Martin Steigerwald]

Am Sonntag, 23. Oktober 2016, 16:34:39 CEST schrieb Ben Cooksley:
> Hi all,

Hello Ben!

Thank for your taking care to update Bugzilla.

> I've prepared an update for bugs.kde.org, from the current version
> it's running to the latest version of Bugzilla. Due to the nature of
> changes made by upstream to the HTML it's been necessary to drop the
> Neverland theme for Bugzilla.
> 
> As dropping this theme may have resulted in unintentional breakage of
> templates, and the upgrade is quite significant (from the 4.x to 5.x
> series) it would be appreciated if folks could please quickly test the
> instance, located at https://bugstest.kde.org/
> 
> If you find any issues it would be appreciated if you could let us know.

I had a quick glance at bugs I reported and all seems fine. Actually I prefer 
the fixed fonts the default themes uses as it makes pasted console output so 
much more readable.

However I do not think any of the bugs I reported use a non text based 
template… but I am not sure… what I saw so far, just looks okay.


I do hope that the new version can help to implement measures to make bugzilla 
spam less likely, but if as you and Nicolás say this is really done by people 
who are paid to do it – I still have a hard time believing this… – … they 
basically would be able to circumvent any improvements with captcha´s and 
whatnot :(

What could work is a trainable spam filter within bugzilla. Or at least 
something that greps out phonenumbers together with certain key words (as all 
the spam I saw was just this).

I did some research on bugzilla and spam and… mostly the results are about 
preventing spam sent to users of bugzilla by not exposing their mail 
addresses… but not about spam in bug reports. I had no single hit on a spam 
filter *for* Bugzilla, which surprises me. Also the documentation for Bugzilla 
5.11 does not seem to mention anything about spam filtering.

I saw similar spam bugs with bugzilla.kernel.org and also Eclipse seems to 
have issues with it:

https://bugs.eclipse.org/bugs/show_bug.cgi?id=502814

An idea here would be allowing others to clean this bugs too. Or modified: A 
button to mark that a bug report contains spam as an easier way to report it. 
Debian uses this approach for their own bug tracker, but as its email based in 
addition to a sophisticated spam filtering mail setup which seems to do pretty 
well.

Thank you,
-- 
Martin